Parse a report and import the attributes into a MISP instance.
The current "official" repo is unmaintained and the tool does not work out of the box. Thus this fork and the fork of ioc_parser too.
git clone https://github.com/SteveClement/report_to_misp.git
cd report_to_misp
git submodule init
git submodule update
mkvirtualenv -p python3 report_to_misp
pip install -U setuptools pip
pip install -r ioc_parser/requirements.txt
cd ioc_parser
pip install .
cd ..
./report_to_misp.py -h
$ ./report_to_misp.py -nv -r cyber-security-report-2020.pdf -rf pdf -s https://misp-test.pid.lu -a UTm73X33UmTb33BB3Dr6B83eF3o8mOQZ310is9RO
Parsing report(s) at cyber-security-report-2020.pdf...
Reading in results...
Creating MISP event...
Attributes found in report: 13
MISP API add request response: <Response [200]>